Technology has always played a critical role in cyber security, but effective solutions always require human involvement. Scanning, monitoring and assessment programs are of limited use without an analyst to qualify results and turn them into fixes.
Finding unique, advanced exploit methods remains a job for a penetration tester.
The relationship between security technologies and security professionals may be best described as a partnership. New developments from MIT’s Computer Science and Artificial Intelligence Laboratory reaffirm this relationship and offer insights into how the partnership can be augmented by leveraging AI.
MIT’s cyber security system, called AI2, combs through millions of logs per day to find suspicious events. A security professional then reviews the data for signs of a breach, weeding out false positives in the process. The work required to keep up with such a system could easily become cumbersome – but this is where artificial intelligence starts to make an impact.
As an analyst flags abnormalities that appear to be intrusions, the AI2 system gathers the contextual information it needs to make modifications in its routines. Thus, the more human input the system receives, the smarter it gets, narrowing the output of potential threat indicators it finds.
In testing the AI2 system with analyst input, MIT researchers observed an 85 percent detection rate over 90 days. Research lead Kalyan Veeramachaneni claims that, without the AI refinements of the system, analysts would need to review thousands of entries per day to achieve a similar result. And the system’s machine learning processes, without human input, would result in a success rate of 7.9 percent.
MIT’s research emphasizes that machines may have the capability to assist in dealing with cyber security’s growing talent gap. However, a healthy population of skilled professionals will remain critical for real success. Well-staffed teams can use such technologies to streamline the maintenance tasks involved in their daily work and dedicate their energies to higher-value pursuits.
Lunarline has developed a number of intelligent solutions designed to augment and simplify the work of security professionals. Our malware assessment program and Ground Station, our cyber intelligence platform, leverage contextual information and analyst input to enhance their capabilities. Sniper, our penetration testing platform, automates and standardizes advanced testing routines, and our in-house SOC can bring all these tools together to improve your security posture.
You can learn more about these innovative solutions and others by visiting Lunarline.com. If you’re ready to deploy intelligent cyber security capabilities at your organization, contact one of our experts now.